On Mon, 30 Jun 2014, Joel Sing wrote:
> On Sun, 29 Jun 2014, Stuart Henderson wrote:
> > Does anyone have ideas about this before I start digging to find when
> > it got broken?
>
> Still digging, but it looks like it will be caused by
> crypto/pkcs7/pk7_doit.c. r1.20...
The following diff resolves the issue:
Index: pk7_doit.c
===================================================================
RCS file: /cvs/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c,v
retrieving revision 1.22
diff -u -p -r1.22 pk7_doit.c
--- pk7_doit.c 12 Jun 2014 15:49:30 -0000 1.22
+++ pk7_doit.c 29 Jun 2014 15:56:29 -0000
@@ -787,7 +787,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
case NID_pkcs7_signed:
si_sk=p7->d.sign->signer_info;
os=PKCS7_get_octet_string(p7->d.sign->contents);
- if (os == NULL) {
+ if (os == NULL && !PKCS7_is_detached(p7)) {
PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_DECODE_ERROR);
goto err;
}
--
"Action without study is fatal. Study without action is futile."
-- Mary Ritter Beard
